this post was submitted on 10 Aug 2023
523 points (98.0% liked)

Technology

60056 readers
3593 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 2 years ago
MODERATORS
 

cross-posted from: https://kbin.projectsegfau.lt/m/tech@kbin.social/t/26889

Google just announced that all RCS conversations in Messages are now fully end-to-end encrypted, even in group chats. RCS stands for Rich Communication Services and is replacing traditional text and picture messaging, providing you with more dynamic and secure features. With RCS enabled, you can share high-res photos and videos, see typing indicators for your...

top 50 comments
sorted by: hot top controversial new old
[–] Kbin_space_program@kbin.social 102 points 1 year ago (3 children)

Fun fact, a group I knew in uni made an end to end encryption program that sent messages through Google more than a decade ago and Google got really, really mad at them threatening to shut down all Google accounts associated with all IP addresses they used.

Guarantee it's not fully E2E.

[–] echo64@lemmy.world 110 points 1 year ago (4 children)

It's E2E, E2E isn't really something you can be sneaky about unless you roll your own encryption and then make claims about it totally being safe bro

They, however, run the app you are using to type everything, the keyboard you are using to type everything and the os you are using to type everything. If they want something, they don't need to look at your in flight messages.

[–] TheHobbyist@lemmy.zip 34 points 1 year ago (11 children)

The trust doesn't even have to be in the encryption, they could very well use the same signal protocol. They would only need a copy of the keys you are using and you wouldn't even know... That's the problem with closed source programs, there is no certainty that its not happening (and I'm not saying it is, I can't prove it, obviously, but the doubt remains, we need to trust these companies not to screw us over and they don't really have the best track record in that...)

load more comments (11 replies)
[–] Rooki@lemmy.world 15 points 1 year ago

They can... everything is closed there. It can just be "encrypted" for your eyes

[–] GigglyBobble@kbin.social 6 points 1 year ago (1 children)

It’s E2E, E2E isn’t really something you can be sneaky about unless you roll your own encryption and then make claims about it totally being safe bro

With a closed source app? Of course you can. How is anyone supposed to know what keys you use for encryption? Doesn't even need to be a remote one - just the key generation be reproducible by the developer.

load more comments (1 replies)
[–] art@lemmy.world 3 points 1 year ago* (last edited 1 year ago)

I know they have unencrypted versions from my phone because my tablet and desktop version of messages seamlessly connects to the chat. So it's probably be E2E in transit alone.

[–] pjhenry1216@kbin.social 22 points 1 year ago (1 children)

Sent messages "through Google"? Like Chat? Email? That's such an ambiguous statement.

E2EE has been a available approaching three years now. I'd imagine if they were lying and defrauding the population, someone would have found out by now. This announcement is just that it's on by default for everyone.

[–] lemmyvore@feddit.nl 17 points 1 year ago (1 children)

It doesn't matter if it's E2E or not when Google can spy on you directly on the phones at either end.

Pretty much

You can use whatever chat clients you want. Multi-billion dollar companies control your OS. They don't need to sneak in a rootkit: The OS is their rootkit.

E2E encryption is theoretically nice in the event there is a man in the middle at the cell tower or company. It is of arguable (zero?) value in sim spoof situations. But it is better than not

But still, don't trust it for anything that google/apple might care about. Because transmitting and processing voice is hard. Effectively grepping a screen for such dangerous words as "terorrism" and "union" is almost zero cost. Like, I don't expect google to give a shit about if you like hookers or buy drugs or whatever. But if you are involved in anything that could impact their bottom line...

[–] happyhippo@feddit.it 60 points 1 year ago* (last edited 1 year ago) (3 children)

Reminds me how much I hate Apple.

Thanks Google for making Android.

Now please turn the evil knob down a notch and go back being the awesome company you once were.

Edit: typo

[–] June@lemm.ee 14 points 1 year ago (7 children)

The fuck does this have to do with Apple?

[–] DingoBilly@lemmy.world 42 points 1 year ago (6 children)

Apple purposely will not integrate this to keep a walled garden around their ecosystem and make messaging between apole/Android a shit experience.

In a perfect world everyone would just adopt rcs, it's better for consumers but Apple only gives a shit about branding/$$$.

[–] 9tr6gyp3@lemmy.world 12 points 1 year ago (1 children)

But Signal has been available on Android and iOS this whole time.

[–] Not_Alec_Baldwin@lemmy.world 3 points 1 year ago (2 children)

Signal killing text support killed Signal for me. Sadge.

load more comments (2 replies)
load more comments (5 replies)
load more comments (6 replies)
[–] AWittyUsername@lemmy.world 12 points 1 year ago

I feel like Google has everything to gain and apple has more to lose by implementing this. It's not good guy Google, bad guy Apple. It's a business decision. I say this as an Apple hater.

If the shoe was on the other foot Google would be doing the same thing.

[–] phoneymouse@lemmy.world 6 points 1 year ago

Google tracks you everywhere you go all over the internet. Like 90% of websites have a script that calls home to Google to let them know you visited. That’s their business model.

[–] GrimChaos@lemmy.world 56 points 1 year ago* (last edited 1 year ago) (1 children)

Now, open up the RCS API to third party texting apps... Like you said you would many years ago

[–] TheRedSpade@lemmy.world 5 points 1 year ago

Yes! I'd love to go back to using Signal as my main messaging app.

[–] kaato@lemmy.world 39 points 1 year ago (12 children)

Using Signal since a few years. Don’t know anything about security but from a user perspective, I can highly recommend it. Takes some time converting your friends but after that it does its thing.

[–] Cralder@feddit.nu 15 points 1 year ago (2 children)

In my experience some friends are unconvertable, and at that point group chats with those friends just end up in the same place as before.

[–] kaato@lemmy.world 5 points 1 year ago (1 children)

Yeah, that’s entirely possible; I have some friends unwilling to convert (or that I haven’t bothered with). I do however note an increase in use in Sweden, so I’m still hopeful. Best converter would of course be major screw up from WhatsApp etc. which may or may not happen, but then I’ll be ready to bang the drums again :)

load more comments (1 replies)
load more comments (1 replies)
[–] HurlingDurling@lemm.ee 9 points 1 year ago (2 children)

But that doesn't help with sms or rcs. I wish there was an rcs client that was not made by Google

[–] TheLight@lemmy.dbzer0.com 4 points 1 year ago

As far as I know Google doesn't allow third party apps to plug into RCS.

This is why them bashing Apple for this particular issue always seemed hypocritical to me, they want this to be their own closed ecosystem, with Apple being the exception because they have enough clout to actually go it alone or even take users away from Android.

Ideally you'd have apps like Signal plugging into the same end-to-end encryption for interoperability, but Google won't allow that because they just want people to use Google Messages for RCS, and nothing else.

load more comments (1 replies)
[–] xodoh74984@lemmy.world 8 points 1 year ago (6 children)

To my knowledge, Signal is the only verifiably secure encrypted messaging app that's market ready. Signal is fully open source, including its encryption algorithm which has been tested numerous times and even gotten government agencies like the FBI all butthurt that can't break it or get a backdoor from the devs. I have a friend whose cryptography professor contributed to the project.

It was only in recent years that Signal upped their game enough with the user experience for me to start recommending it to friends and family. In 2013, when I first recall trying it out, Signal was more clunky and always wanted to be your default SMS app. I didn't like that, because at the time they didn't have a client to send messages from your computer.

Nowadays they have an desktop app that syncs with your phone, video calling, and even stories – which some people find weird but I'm all for non-Zuccubus owned private and secure alternatives to social media. I'm pretty sure anyone on Lemmy would love to pull more power away from these surveillance based ad companies and stop being data cows.

Tl;dr: Fuck the Zuck, keep promoting Signal, democratize the internet

load more comments (6 replies)
load more comments (9 replies)
[–] Mesaji@lemmy.world 21 points 1 year ago

But everything still kept in their cloud right?

[–] king_tronzington@lemm.ee 21 points 1 year ago (4 children)

Definitely happy that this is happening, good on them. However in practice since most of my friends are on iOS I'm still reduced to SMS/MMS and a terrible user experience

[–] PlutoniumAcid@lemmy.world 4 points 1 year ago

My entire universe uses whatsapp exclusively 🤮 and I refuse.

load more comments (3 replies)
[–] EyesEyesBaby@lemmy.world 13 points 1 year ago (2 children)

As an Apple owner I hope Apple will implement this too. I live in a country where everybody communicates through WhatsApp unfortunately.

[–] Ape550@lemmy.world 10 points 1 year ago (2 children)

What do you mean? iMessage is fully end to end encrypted.

As far as google messages RCS goes, that’s googles proprietary version of RCS.

[–] stinky613@lemmy.sdf.org 21 points 1 year ago

I think they might mean they wish Apple would support RCS in general (which Apple has been refusing to do)

[–] Telodzrum@lemmy.world 3 points 1 year ago (4 children)

iMessage is not fully E2E encrypted unless you have advanced data protection turned on. If you don’t, the keys to your conversations still rest on Apple’s servers.

[–] SulaymanF@lemmy.world 8 points 1 year ago (1 children)

That’s untrue. The keys are generated on your device and Apple doesn’t have those stored. You need apple devices to grant access for another device as Apple doesn’t have your key. There’s other security holes where apple can generate new keys but that doesn’t change the fact that it is actually E2E encrypted.

load more comments (1 replies)
[–] Starmina@lemm.ee 6 points 1 year ago (1 children)

I don’t think it’s true as long as you don’t make iCloud Backups

[–] feifei@lemm.ee 4 points 1 year ago

This is the correct answer.

load more comments (2 replies)
load more comments (1 replies)
[–] meiti@lemmy.world 13 points 1 year ago

I think it's a good move. Carriers are decentralized by design, af if they were not greedy and stupid, they could come up with at least one decent messaging. RCS is good by they did not make e2e mandatory in the protocol.

[–] TropicalDingdong@lemmy.world 10 points 1 year ago (3 children)

The fuck is google messages? Is this what replaced hangouts?

[–] morph@sopuli.xyz 18 points 1 year ago

Hilarious assumption, but nope. It’s just the default sms app on google phones.

[–] ewe@lemmy.world 14 points 1 year ago* (last edited 1 year ago)

Google Chat replaced hangouts and is not E2E.

Google Messages is the Android default SMS App, at least on Pixel phones. It is Android's best equivalent to "iMessage"

[–] hop@rabbitea.rs 6 points 1 year ago (1 children)

It's the default SMS application on Pixel devices.

load more comments (1 replies)
[–] linearchaos@lemmy.world 8 points 1 year ago* (last edited 1 year ago)

You bet it's end to end and encrypted with my key and your key and our friends key the CIA's key... Wait, what?

/s... I hope

load more comments
view more: next ›